New research indicates that terrorists are not using advanced computer tools to hide messages in innocuous-looking web images.

In February 2001, US agents suggested that terror groups, including Osama Bin Laden's al-Qaida organisation, were hiding messages in web images. The FBI has suggested that recent terrorist atrocities in the US could even have been co-ordinated using images uploaded to ordinary internet sites such as eBay.

Now Niels Provos and Peter Honeyman of the University of Michigan have found strong evidence suggesting such steganography - the science of obfuscating communications - is not used. They used detection software and brute force computing power to scan millions of images posted to the internet and found no hidden messages.

"We have analysed over two million images downloaded from eBay but have not been able to find a single hidden message," they write in their paper, Detecting Steganographic Content on the Internet.

Redundant code

Messages can be hidden within redundant parts of the digital information used to generate images in formats such as JPEG. This offers advantages over encryption, which only hides the meaning of a message, because the message itself disappears.

Provos and Honeyman ran computer programs to analyse the digital information behind images and identify any portions that might have been altered. They further checked these portions to see if any changes could be explained by normal copying errors.

The pair employed a bank of distributed computers to check through millions of images. After weeks of analysis, however, they found no hidden messages.